From 67348c8acfc205785996f2aea21b442f4b76f2c2 Mon Sep 17 00:00:00 2001 From: Nikita Popov Date: Tue, 8 Feb 2022 09:40:57 +0100 Subject: [PATCH] [Bitstream] Check for unterminated VBR This avoid shift larger than bitwidth UB. --- llvm/include/llvm/Bitstream/BitstreamReader.h | 8 ++++++++ .../Bitcode/Inputs/invalid-value-symbol-table-2.bc | Bin 256 -> 0 bytes .../{size-not-plausible.bc => unterminated-vbr.bc} | Bin llvm/test/Bitcode/invalid-no-ubsan.test | 19 ------------------- llvm/test/Bitcode/invalid.test | 5 +++++ 5 files changed, 13 insertions(+), 19 deletions(-) delete mode 100644 llvm/test/Bitcode/Inputs/invalid-value-symbol-table-2.bc rename llvm/test/Bitcode/Inputs/{size-not-plausible.bc => unterminated-vbr.bc} (100%) delete mode 100644 llvm/test/Bitcode/invalid-no-ubsan.test diff --git a/llvm/include/llvm/Bitstream/BitstreamReader.h b/llvm/include/llvm/Bitstream/BitstreamReader.h index 1067064..5a66b2d 100644 --- a/llvm/include/llvm/Bitstream/BitstreamReader.h +++ b/llvm/include/llvm/Bitstream/BitstreamReader.h @@ -247,6 +247,10 @@ public: return Result; NextBit += NumBits-1; + if (NextBit >= 32) + return createStringError(std::errc::illegal_byte_sequence, + "Unterminated VBR"); + MaybeRead = Read(NumBits); if (!MaybeRead) return MaybeRead; @@ -274,6 +278,10 @@ public: return Result; NextBit += NumBits-1; + if (NextBit >= 64) + return createStringError(std::errc::illegal_byte_sequence, + "Unterminated VBR"); + MaybeRead = Read(NumBits); if (!MaybeRead) return MaybeRead; diff --git a/llvm/test/Bitcode/Inputs/invalid-value-symbol-table-2.bc b/llvm/test/Bitcode/Inputs/invalid-value-symbol-table-2.bc deleted file mode 100644 index a6e4250730f90943648bc06ba4a5e74516045ac8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 256 zcmZ>AK5*~%Z{OcQ3?x`t#2J2baWFtYLNo`P8Hnl39J(OL{Q$Gm|NsB_@BMdz>RAZX z^XoS&k2px+9MA|5Z~|hW7UqM>42%$CM7fCt@4tNc0$0lbXMq?%n;Ev{0!d;4if-;w KR4$D7{|^B1JY@L* diff --git a/llvm/test/Bitcode/Inputs/size-not-plausible.bc b/llvm/test/Bitcode/Inputs/unterminated-vbr.bc similarity index 100% rename from llvm/test/Bitcode/Inputs/size-not-plausible.bc rename to llvm/test/Bitcode/Inputs/unterminated-vbr.bc diff --git a/llvm/test/Bitcode/invalid-no-ubsan.test b/llvm/test/Bitcode/invalid-no-ubsan.test deleted file mode 100644 index 2cc8e05..0000000 --- a/llvm/test/Bitcode/invalid-no-ubsan.test +++ /dev/null @@ -1,19 +0,0 @@ -# These tests cover invalid inputs. -# When running under UBSan these tests hit UBSan issues before the validity -# checks that the test is intending to exercise. -# Under UBSan these tests fail because UBSan error is not the expected error. -# -# TODO: This code should be fixed to not exhibit UB, and these tests should be -# incorporated back into invalid.test and run under UBSan again. - -UNSUPPORTED: ubsan - -RUN: not llvm-dis -disable-output %p/Inputs/size-not-plausible.bc 2>&1 | \ -RUN: FileCheck --check-prefix=SIZE-NOT-PLAUSIBLE %s - -SIZE-NOT-PLAUSIBLE: Size is not plausible - -RUN: not llvm-dis -disable-output %p/Inputs/invalid-value-symbol-table-2.bc 2>&1 | \ -RUN: FileCheck --check-prefix=INVALID-VALUE-SYMBOL-TABLE-2 %s - -INVALID-VALUE-SYMBOL-TABLE-2: Expected value symbol table subbloc diff --git a/llvm/test/Bitcode/invalid.test b/llvm/test/Bitcode/invalid.test index c5cbabf..8af940d 100644 --- a/llvm/test/Bitcode/invalid.test +++ b/llvm/test/Bitcode/invalid.test @@ -266,3 +266,8 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-value-symbol-table.bc 2>&1 | RUN: FileCheck --check-prefix=INVALID-VALUE-SYMBOL-TABLE %s INVALID-VALUE-SYMBOL-TABLE: Invalid value reference in symbol table + +RUN: not llvm-dis -disable-output %p/Inputs/unterminated-vbr.bc 2>&1 | \ +RUN: FileCheck --check-prefix=UNTERMINATED-VBR %s + +UNTERMINATED-VBR: Unterminated VBR -- 2.7.4